Best Practices: Accessing and Monitoring Staff Email

Published: June 24th, 2013

The following situations or requirements are all very common to small and medium-sized businesses:

“We have travelling sales people who need to be able to access all their emails online.”

“We have users whose inbound/outbound email needs to be reviewed or accessible by management.”

“We have users who need to access the same email folders or addresses all of the time.”

These kinds of situations usually require

  1. Storage of lots of email, and
  2. Shared access to that email

In this article, we discuss some of the best ways to meet these needs and what things to avoid.  In short, the answer is to use shared email folders combined with email archival for maximum redundancy and reliability.  For what this means and why, read on:

1. Use Email Archival

The first solution is to use Premium Email Archival.  With our archival solution:

  1. Copies of all sent and received email are stored for as long as you need.  The current maximum is 10 years, but this will be extendable in the future.
  2. Archived email cannot be edited or deleted, so you can always find what you need and can even use this for legal discovery
  3. Individual user archives can be made accessible to both the end users themselves and to management
    1. End users can search and find any email or set of emails that they need
    2. Management can similarly retrieve/review messages as needed in case the employee is unavailable.  This is even more valuable in the case of employee misconduct, since the employee cannot alter the archives…
  4. Storage space is no concern. No matter how much email you keep for each user, neither the price nor the performance of the archival is affected.

Use of email archival can help you avoid or prevent the following:

  • Keeping all of your email history in your online email folders.
    1. Large numbers of messages and disk space will generally slow your services down, making it more difficult to perform even day-to-day tasks like viewing new messages.
  • Malicious deletion of messages
    1. Without archival, employees can delete messages from their sent and received email folders, leaving little trace of their activities.
  • Accidental deletion of emails
    1. It is easy to accidentally delete messages in your regular email folders without realizing it. You may also mistakenly delete messages thinking that they are no longer needed. Backups may be available, but without archival there is no guarantee.
    2. It is also easy to delete messages by mistake when setting up new email programs and devices.  The probability of this is magnified when multiple people share access to the same email folders.

2. Shared Email Folders: for shared WebMail access

For users of LuxSci WebMail, the best way to provide access to one user’s email folder or folders (e.g. the INBOX and sent email folders) is to use the “Share Folder” feature:

  1. Any folder or folders can be shared with particular users, groups or users (e.g. the “Sales Oversight” group), or the account as a whole
  2. The sharing can be read only or read-write (e.g. deletions, annotations, and tagging are permitted).
  3. The users with whom the folders are shared can then access the email in them via their own WebMail email interface … they show up as new folders under the sharee’s name.

Shared email folders makes it very simple to grant and control access to specific email folders and also to provide read-only access for reviewers.

3. Shared User Accounts: for IMAP access

For customers not using WebMail but who need the ability for multiple users to access the same email folders, we instead recommend a “shared user”:

  1. Everyone knows this user’s username and password for email access
  2. Everyone configures an account for this user in their own email programs and devices
  3. Everyone can then access this user’s email concurrently
  4. Shared email access is best done via IMAP and/or MobileSync.

All LuxSci users support concurrent access to email folders by any number of connections.  You can read, tag, delete, forward messages, etc.

Be careful of the “gotcha’s”!

  1. Do not use POP for shared email folder access
    1. POP is not efficient when you are keeping copies of messages also “on the server”
    2. It always happens that someone sets up their POP client wrong and downloads and deletes all messages from the server, breaking any sharing of access
    3. POP can only access a user’s INBOX
    4. We recommend disabling POP access for users intended for shared IMAP/MobileSync access, to prevent POP problems from ever arising.
  2. Make backups — when everyone has read-write access, things happen
    1. Protect against accidental deletion – use email archival
    2. Also, you can make automatic copies of all inbound email using our “BACKUP folder” option, email capturing, or custom rules.

4. What does LuxSci do?

LuxSci uses all of these mechanisms to mange our busy sales and support queues, to enable everyone access to the needed email messages, and to provide all available levels of backup:

For “keeping it shared and in sync

  1. Shared read-write folders for WebMail users
  2. Shared IMAP/MobileSync users for desktop programs and smartphone users

For “keeping it clean

  1. We delete messages or move them to other folders when we are done processing them
  2. We keep the INBOX folders as clean as possible … they typically have less than 100 messages in them at any time.
  3. We use LuxSci’s “automatic folder management” features to have folders spawn dated copies of themselves and then reset when they get large.  This prevents folders from growing to unwieldy sizes.

For “keeping it safe

  1. Backup Folder: We have rules setup to save a copy of all recent messages to a “BACKUP” folder and to delete old messages out of that folder automatically.  This then becomes a real-time backup of recent messages.
  2. Backup Accounts: We have copies of all messages sent to alternate LuxSci accounts on separate servers so it is all accessible in the event of any server issue.  Read more about this solution here: Are you prepared for disaster?
  3. Archival: Copies of all inbound and outbound messages save to Premium Email Archival and kept for 10 years.

5. What about HIPAA?

If you are a HIPAA account that sends/receives ePHI via email, then:

  1. Use Archival: Email Archival is practically required as it provides the backups and emergency access to email that is needed.
  2. Do not use “Shared users: HIPAA requires that each person has a unique trackable login to services.  With shared user logins, per-person accountability and tracking is lost.  Instead, you should use WebMail and “shared folders”. Or, you can use email filtering and forwarding features to automatically distribute copies of messages to each individual user.

Please contact LuxSci for advise on how to best configure your account to meet your email collaboration needs.

 

Leave a Comment


You must be connected or logged in to post a comment. This is to reduce spam comments.

If you have not previously commented, you can connect using existing social media account, or register with a new username and password.